SQL Server Bulk replaces the contents of all tables in SQL statements-clear hanging horse

Have friends often find their own database of all the content to insert some code, if you want to record a table to delete, too much trouble, the following I found in the online can be bulk Delete method, in fact, the batch to replace the malicious code, very fast.

DECLARE @t varchar (255), @c varchar (255) Declare table_cursor cursor for select a.name,b.name from sysobjects a,syscolumns b , systypes C where a.id=b.id and a.xtype= ' u ' and c.name/* "U" for the type of data you want to manipulate, not all data types, don't want to bother without modifying */in (' char ', ' nchar ', ' Nvarch Ar ', ' varchar ', ' text ', ' ntext '/*--here if your text (ntext) type does not exceed 8000 (4000) length, you can use */) DECLARE @str varchar, @str2 varchar set @str = '/* Here is the character you want to replace */set @str2 = '/* * replaced by the character */open Table_cursor fetch next from Table_cursor to @t,@c W Hile (@ @fetch_status =0) begin EXEC (' Update [' + @t + '] set [' + @c + ']=replace (cast ([' + @c + '] as varchar (8000)), ' [Email PR otected]+ ', ' + @str2 + ') ' fetch next from table_cursor to @t,@c end close Table_cursor deallocate table_cursor;

The SQL Server Query Analyzer executes the above code, does not need to see which table, which word is injected, you can quickly delete the injected fields, very useful!

SQL Server Bulk replaces the contents of all tables in SQL statements-clear hanging horse